Issue #731: Reject tar entries >= INT64_MAX

Note that the code that parses file sizes returns INT64_MAX on overflow.
author: Tim Kientzle <kientzle@acm.org> 2016-08-21 17:31:49 -0700
committer: Tim Kientzle <kientzle@acm.org> 2016-08-21 17:31:49 -0700
commit: 299c6bf136b9bc328b498505f24f87e732b73ff6 (patch)
tree: 0fbf951a482448354dbef4db8aef793e5996227a /libarchive/archive_read_support_format_tar.c
parent: 1fa9c7bf90f0862036a99896b0501c381584451a (diff)
download: libarchive-299c6bf136b9bc328b498505f24f87e732b73ff6.tar.gz
1 files changed, 9 insertions, 2 deletions
diff --git a/libarchive/archive_read_support_format_tar.c b/libarchive/archive_read_support_format_tar.c
index b0521a62..eb60e1a0 100644
--- a/libarchive/archive_read_support_format_tar.c
+++ b/libarchive/archive_read_support_format_tar.c
@@ -1128,8 +1128,15 @@ header_common(struct archive_read *a, struct tar *tar,
 	if (tar->entry_bytes_remaining < 0) {
 		tar->entry_bytes_remaining = 0;
 		archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
-		    "Tar entry has negative size?");
-		err = ARCHIVE_WARN;
+		    "Tar entry has negative size");
+		return (ARCHIVE_FATAL);
+	}
+	if (tar->entry_bytes_remaining == INT64_MAX) {
+		/* Note: tar_atol returns INT64_MAX on overflow */
+		tar->entry_bytes_remaining = 0;
+		archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
+		    "Tar entry size overflow");
+		return (ARCHIVE_FATAL);
 	}
 	tar->realsize = tar->entry_bytes_remaining;
 	archive_entry_set_size(entry, tar->entry_bytes_remaining);
author	Tim Kientzle <kientzle@acm.org>	2016-08-21 17:31:49 -0700
committer	Tim Kientzle <kientzle@acm.org>	2016-08-21 17:31:49 -0700
commit	299c6bf136b9bc328b498505f24f87e732b73ff6 (patch)
tree	0fbf951a482448354dbef4db8aef793e5996227a /libarchive/archive_read_support_format_tar.c
parent	1fa9c7bf90f0862036a99896b0501c381584451a (diff)
download	libarchive-299c6bf136b9bc328b498505f24f87e732b73ff6.tar.gz